[57] ABSTRACT

A method for encrypting signals utilizes the receiver 
serial number to generate an index number which is 
used in turn to select an encryption table from among a 
plurality of such tables. The index number used in con-
junction with any given signal is modified for greater
security by adding the units digit of the signal length. 
Further modification of the index number can be made 
by adding the units digit of the time of transmission. The 
index number is further modified by adding a shift num- 
ber by which all data characters are shifted during en- 
cryption. In signals based on a defined protocol, the 
shift number and the units digit of the transmission time
are hidden in unused protocol positions within the sig- 
nal. 
ENCRYPTION SYSTEM

BACKGROUND OF THE INVENTION

This invention relates to a system for encrypting and decrypting data signals.

As is appreciated by those of ordinary skill having the benefit of this disclosure, the transmission of encrypted data requires both sender and receiver to have access to information about the encryption method to be incorporated into both the encryption method and the decryption method. An operator receiving a Morse code signal, for example, is able to decrypt the signal because of his a priori knowledge of the meaning of the signal patterns.

Likewise, a signal can be encrypted using a cipher table or encryption table when both sender and receiver have access to a copy of the table. A simple and well-known example is an encryption table such as shown in FIG. 2. In such a table, each letter of the alphabet in the clear-text signal is encrypted by locating it in the first column of the table and translating it to the corresponding letter in the second column of the table. The letters in the second column comprise the letters of the alphabet distributed at random. In the example shown in FIG. 2, the word "cab" would be translated to "zmi." A greater number of permutations can be obtained for the second column by encrypting each clear-text letter into two-letter sequences, three-letter sequences, and so forth. And of course, nonletter characters such as numbers can also be encrypted along with letters in a similar manner.

It is also well-known to increase the security of an encrypted transmission by utilizing different encryption tables. A familiar example is the one-time pad, in which a series of encryption tables is used, with each encryption table being used once, or on one day, etc., then discarded.

The simple translation method described above is but one method of encryption. Many complex and sophisticated encryption techniques are also known. Many such techniques require considerable work and time, even when performed on a computer, to generate an encrypted signal. Computer encryption using such methods can be very hardware intensive, requiring considerable memory to be used effectively.

In many situations the added security provided by such complex methods is worth the cost in time and resources. In other situations, however, simpler methods that provide some lesser level of security can be more cost-effective.

SUMMARY OF THE INVENTION

In accordance with the present invention, an encryption system and a corresponding decryption system are disclosed. The systems include methods that are used in transmitting signals by a transmitter to a receiver having a known serial or other identifying number.

For each signal, the encryption method uses one of a plurality of encryption tables for encipherment of the signal. Each table is stored at both the transmitter and the receiver. The selection of a particular encryption table is based on an index number that is generated using the receiver's serial number and the length of the signal. Encrypted signals are generated in any of a number of ways known to those of skill in the art, e.g., by a simple character translation in accordance with the encryption table.

In another embodiment the index number generation process additionally makes use of an arbitrary number which is transmitted to the receiver by encoding it at a specified position in the signal.

Another embodiment relates to telecommunications [...] by a controller which acts as an intermediary between the receivers and the transmitter and which has its own known serial or other identifying number. In this embodiment, the index number generation process makes use of the serial numbers of both the receiver in question and dispatcher, as well as the signal length and the arbitrary number.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a typical telecommunications system of the kind on which the invention can be implemented. FIG. 2 depicts a portion of a simple encryption table of the kind usable in accordance with the invention. FIGS. 3 and 4 are flow charts of the general methods used to encrypt and decrypt signals, respectively, in accordance with the present invention. FIG. 5 is a flow chart that depicts, in expanded form, one technique for performing an index-number generation step shown in FIGS. 3 and 4. FIGS. 6 and 7 are flow charts of additional steps that can be performed in conjunction with the methods generally depicted in FIGS. 3-5.

FIG. 8 shows another type of typical telecommunications system on which an alternate embodiment of the invention can be implemented. FIG. 9 is a flow chart of a general method in accordance with the alternate embodiment, and FIG. 10 is a flow chart showing one step in the method in expanded form.

Throughout the following detailed description, similar reference numerals refer to similar elements in all [...]

DETAILED DESCRIPTION OF SPECIFIC EMBODIMENTS

[...] connection with telecommunications systems utilizing a bisynchronous [...] multidrop protocol such as the well-known IBM 3270 protocol. It will be understood by those of ordinary skill having the benefit of this disclosure [...] presented as an illustration of the invention as claimed below and not as a limitation on the claimed subject matter.

Referring to FIGS. 1 and 2, in the exemplar system, copies of a plurality of encryption tables are stored in a storage unit 10 such as dynamic read-write memory (RAM), a read-only memory (ROM), magnetic or optical [...] suitable storage, that is accessible to a transmitting unit 11. The transmitting unit 11 is in turn associated with calculating apparatus 12 such as a programmable central processing unit (CPU), a programmable read-only memory (PROM), or hard-wired discrete logic circuitry. In a typical communications installation, the calculating apparatus 12 often controls the transmitting unit 11, as symbolized by control and monitoring arrows 12a and 12b, as well-known to those of ordinary skill. It will also of course be recognized that the transmitting unit 11 can equivalently be controlled by other well-known means.

In each encryption table in accordance with the invention, data characters (e.g., the letters a-z and A-Z and the decimal numbers 0-9) are each represented
respectively by unique encryption characters, which may be generated at random in accordance with well-known methods. FIG. 2 illustrates a portion of a typical simple encryption table. For many purposes, a single encrypted character corresponding to each clear-text character will suffice.

A copy of each encryption table is also stored in a storage unit 14 accessible to a receiver 15 which in turn is associated with calculating apparatus 16 such as a programmable CPU, PROM, or hard-wired discrete logic circuitry. Likewise stored to be accessible to the calculating apparatus 16, e.g., in the storage unit 14 or other suitable storage (or, equivalently, hard-wired in discrete logic circuitry), is a serial or other identifying number associated with the receiver 15. Again, it will be recognized by those of ordinary skill that the calculating apparatus 16 will typically control the receiver 15, as symbolized by control and monitoring arrows 16a and 16b, but that such control can equivalently be had by other well known means.

All receiver serial numbers are also stored in a storage unit accessible to the transmitter calculating apparatus 12 such as the storage unit 10.

As shown generally in FIG. 3, for each outgoing signal to a particular receiver 15, an index number INDEX is generated by the transmitter calculating apparatus 12. An encryption table uniquely associated with the generated index number is then selected for use. The details of programming the calculating apparatus 12 to access the storage unit 10, to perform the required calculations, and so forth are well known to those of ordinary skill and will not be further described here.

In a simple embodiment, sixteen encryption tables may be used, numbered 0H-FH. (Numbers with the suffix H are in the "base 16" hexadecimal numbering system, often referred to as the "hex" system, which has 16 digits 0H-9H and AH-FH. By comparison, the traditional decimal system uses a base-10 numbering system having 9 digits 0-9. Numbers with no suffix or the suffix D are in the decimal system.) An encryption table is selected by generating a single- (hex) digit index number, by summing the hex digits of the receiver serial number.

One method of generating an index number is depicted in FIG. 5. As an illustrative example, a signal may be transmitted to a hypothetical receiver 15 whose serial number is 123456D. The index number for that receiver would be generated by the transmitter's calculating apparatus 12 by summing the serial number digits to obtain the multi-digit INDEX number 15H (21D).

The digits of INDEX are in turn truncated as shown in FIG. 5 to obtain a number, in this case the single-digit number 5H. Thus, encryption table number 5H would be used by the calculating apparatus 12 for encrypting that signal.

The truncation operation can be replaced by equivalents such as recursive summing of the digits or other specified operation. In FIGS. 6-7, the truncation or other specified operation is represented as "single_digit(INDEX)" using the common function-and-argument notation familiar to those of ordinary skill.

When the receiver 15 receives the signal, its calculating apparatus 16 performs its own similar index number generation process. This yields the index number INDEX that determines which encryption table to use for decrypting the signal.

It will be appreciated by those of ordinary skill having the benefit of this disclosure that the foregoing sum-of-the-digits method for generating an index number INDEX, depicted in FIG. 5, is merely an example and that any desired method can be used to process the receiver serial number. All that is required is that the receiver's calculating apparatus 16 be capable of generating the same index number as the transmitting unit.

In the same vein, referring to FIG. 6, further security is had by complicating the index number generation process, again with data readily available to the calculating apparatus 12 and 16 of both the transmitter 11 and receiver 15, respectively. For instance, in protocol systems such as the IBM 3270 system, each signal has a definite length that can be measured at both the transmitter 11 and receiver 15. A number based on this length can be included in the index number generation process.

[...] example, as shown [...] variable, and this result truncated [...] equivalently, recursively summed, or otherwise [...] single-digit [...]

Referring to FIG. 7, still more security is had by [...] in an arbitrary number, e.g., by adding to the INDEX variable a third number such as the units digit of a representation of the present time. The receiver calculating apparatus 16 must be informed of the value [...] ascertainable or calculatable at the receiver 15. Therefore, this third number is encoded unencrypted in the signal, e.g., at an unused protocol position.

For example, in a 3270 system that does not utilize set-buffer-address commands, the second position of the [...]-byte set-buffer-address prefix defined in the 3270 protocol can be used. Those of ordinary skill will appreciate that in the 3270 protocol, the second position of this prefix is always a number from 0 to 9. In this example, therefore, the arbitrary digit used as the third number can be left in single-digit decimal form so that it will appear to be a legitimate protocol symbol.

In such an arrangement, the receiver calculating apparatus 16 is suitably programmed in accordance with well-known techniques to parse the incoming signal and to extract the arbitrary digit from the prespecified location.

Alternative Embodiment

An alternative embodiment of the system can be used in telecommunications systems such as is illustrated in FIG. 8, in which a plurality of receivers 15 is serviced by a single controller 17, itself having a serial or other identifying number, which acts as an intermediary between the transmitting unit 11 and the receivers 15. Such a controller generally is controlled by a calculating apparatus 18 which has access to a storage unit 19, as symbolized by arrows 16a and 16b.

In such telecommunications systems, the receivers' calculating apparatus 16 typically do not have ready access to enough memory for convenient storage of the encryption tables, while the controller's calculating apparatus 18 generally does have such access. For such a telecommunications system, an encrypted signal can be generated as described above by using the serial number of the controller 17 instead of the receiver 15 serial number and by programming the controller calculating apparatus 18 to decrypt the signals.

Receiver calculating apparatus 15 in such systems
usually do have some programming capability and
"scratchpad" memory such as storage 14. For such
systems, additional security can be had during the en-
cryption process by generating a shift number SHIFT
using the particular receiver 15 serial number for which
the signal is destined (by summing its digits or otherwise
as described above), then adding the shift number
SHIFT, prior to encryption, to selected characters in
the signal. This method is generally illustrated in FIGS.
9 and 10. 

For example, in the 3270 protocol, each character in 
the range 20H-7FH can be shifted by adding a single 
hex digit 01H-0FH, generated from the receiver serial
number; any shift past the 7FH boundary can be
wrapped around to 20H to avoid including control 
characters in the encrypted signal. 

Alternatively, the shift number SHIFT can be arbi- 
trary and can be stored unencrypted in the signal at an 
unused protocol position, as described above, e.g., in
the third character of the prefix of a 3270 protocol
message. 

If desired, the SHIFT number can be incorporated in 
the INDEX number in the manner described above. 
This adds still another layer of complexity to the en- 
cryption process, with relatively little cost in time and 
resources. 

In such an embodiment, the controller calculating 
apparatus 18 is programmed as described above to de- 
crypt the "shifted" signal and pass it on, still shifted, to 
the selected receiver 15. The programming of the re- 
ceiver calculating apparatus 16 causes it to generate the 
shift number SHIFT as described above and then to
"unshift" the decrypted signal using the reverse of the
technique shown in FIG. 10, i.e., by subtracting the
SHIFT number from each character in the shifted por- 
tion of the signal and wrapping to the top of the permis- 
sible range as necessary. 
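
The index-number generation of FIGS. 5-7 and the shift step of FIG. 10 for the controller embodiment, as an added Python example that is not part of the patent text. The sixteen tables are constructed stand-ins, the one-byte clear prefix is an assumed framing rather than the 3270 set-buffer-address layout, and taking the decimal units digit of the length is an assumption.

```python
import random

LO, HI = 0x20, 0x7F            # shiftable character range given in the text
SPAN = HI - LO + 1             # 96 code points

def digit_sum(serial: int) -> int:
    """Sum the decimal digits of a serial number (123456 -> 21D = 15H)."""
    return sum(int(d) for d in str(serial))

def single_digit(value: int) -> int:
    """FIG. 5 truncation: keep only the units hex digit (15H -> 5H)."""
    return value & 0xF

def make_index(serial: int, length: int, arbitrary: int) -> int:
    """INDEX from the serial hash, the length's units digit and a third number."""
    index = single_digit(digit_sum(serial))        # FIG. 5
    index = single_digit(index + length % 10)      # FIG. 6 (decimal digit assumed)
    return single_digit(index + arbitrary)         # FIG. 7

def shift_char(code: int, shift: int) -> int:
    """Add shift inside 20H-7FH, wrapping past 7FH back to 20H (and the reverse)."""
    if not LO <= code <= HI:
        return code                                # control characters untouched
    return LO + (code - LO + shift) % SPAN

def build_tables(seed: int) -> list:
    """Constructed stand-ins for the shared tables 0H-FH (not from the patent)."""
    rng = random.Random(seed)
    tables = []
    for _ in range(16):
        perm = list(range(LO, HI + 1))
        rng.shuffle(perm)
        tables.append(dict(zip(range(LO, HI + 1), perm)))
    return tables

TABLES = build_tables(seed=1993)   # transmitter and controller hold the same copy

def encrypt(text: str, controller_serial: int, receiver_serial: int,
            arbitrary: int) -> bytes:
    """Transmitter: shift with the receiver's number, then translate by table."""
    data = text.encode("ascii")
    shift = single_digit(digit_sum(receiver_serial))
    table = TABLES[make_index(controller_serial, len(data), arbitrary)]
    body = bytes(table.get(shift_char(b, shift), b) for b in data)
    # Assumed framing: the arbitrary digit travels unencrypted as the first byte.
    return str(arbitrary).encode("ascii") + body

def controller_decrypt(frame: bytes, controller_serial: int) -> bytes:
    """Controller: recompute INDEX, undo the table, pass the signal on still shifted."""
    arbitrary, body = int(frame[:1]), frame[1:]
    table = TABLES[make_index(controller_serial, len(body), arbitrary)]
    inverse = {v: k for k, v in table.items()}
    return bytes(inverse.get(b, b) for b in body)

def receiver_unshift(shifted: bytes, receiver_serial: int) -> str:
    """Receiver: subtract SHIFT, wrapping to the top of the permissible range."""
    shift = single_digit(digit_sum(receiver_serial))
    return bytes(shift_char(b, -shift) for b in shifted).decode("ascii")
```

Every input to `make_index` (serial number, signal length, the digit carried in clear) is fixed per device or visible on the wire, so the only secret material in this scheme is the set of tables itself.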

It will be appreciated by those skilled in the art hav-
ing the benefit of this disclosure that this invention is
believed to be capable of application in other situations. 
Accordingly, this description is to be construed as illus- 
trative only and as for the purpose of teaching those 
skilled in the art the manner of carrying out the inven-
tion.

It is also to be understood that the form of the inven- 
tion shown and described is to be taken as the presently 
preferred embodiment. Various modifications and 
changes may be made without departing from the spirit
and scope of the invention as set forth below in the 
claims. It is intended that the following claims be inter- 
preted to embrace all such modifications and changes. 

What is claimed is: 

1. A method for encrypting a signal for transmission
to a receiver, 

said signal having a known length representable by 
a length number comprising one or more digits, 
said receiver having a known identifying number 
comprising one or more digits,
the method comprising the steps of: 
generating a hash number by performing a specified 
hashing operation using the identifying number as 
an operand; 

generating a single-digit index number by adding the
units digit of the signal length number to the hash 
number and performing a specified generation op- 
eration; and

encrypting the signal in accordance with an encryp-
tion table corresponding to said index number. 

2. A method for encrypting a signal for transmission
to a receiver, said receiver having a known identifying 
number comprising one or more digits, said method 
comprising the steps of:

generating a hash number by performing a specified 
hashing operation using the identifying number as 
an operand; 

encoding an arbitrary number at a specified position 
in the signal outside the specified portion; 

generating a single-digit index number by adding the 
arbitrary number to the hash number and perform- 
ing a specified generation operation; and 

encrypting the signal in accordance with an encryp- 
tion table corresponding to said arbitrary number. 

3. A method for encrypting a signal for transmission 
to a receiver 

said signal having a known length representable by 
a length number comprising one or more digits, 
said receiver having a known identifying number 
comprising one or more digits, 
the method comprising the steps of: 
generating a hash number by performing a specified 
hashing operation using the identifying number as 
an operand;

generating a single-digit index number by adding the 
units digit of the signal length number to the hash 
number and performing a specified generation op- 
eration; and 

encrypting the signal in accordance with an encryp- 
tion table corresponding to said index number. 

4. A method for encrypting a specified portion of a 
signal for transmission to a receiver, 

said specified portion having a known length repre- 
sentable by a length number comprising one or 
more digits, 

said receiver having a known identifying number 
comprising one or more digits, 
the method comprising the steps of: 
performing a summing-of-the-digits operation on said 

identifying number to generate a single-digit hash 

number; 

encoding an arbitrary single-digit number at a speci- 
fied position in the signal outside the specified por- 
tion; 

obtaining an index number by adding to the hash 
number (a) the units digit of the signal length num- 
ber and (b) the arbitrary single-digit number, and if 
the result is greater than the base of the numbering 
system in which the index number is expressed, 
subtracting said base; and 

encrypting the signal in accordance with an encryp- 
tion table corresponding to said index number. 

5. A method for encrypting a specified portion of a 
signal for transmission to a controller for retransmission 
to a receiver, 

said specified portion having a known length repre- 
sentable by a signal length number, 
said controller and said receiver each having a 
known identifying number comprising one or 
more digits,
the method comprising the steps of: performing a 
specified hashing operation on the controller iden- 
tifying number to generate a controller hash num- 
ber; 

encoding an arbitrary number at a specified position 
in the signal outside the specified portion; 
generating an index number by adding to the control-
ler hash number (a) said signal length number and
(b) the arbitrary number; 

performing a specified hashing operation on the re- 
ceiver identifying number to generate a shift num- 
ber; 

adding the shift number to selected numeric represen- 
tations of data symbols within the signal; and 

generating an encrypted signal in accordance with an 
encryption table corresponding to said index num- 
ber. 

6. A method for encrypting a specified portion of a 
signal for transmission to a controller for retransmission 
to a receiver, 

said specified portion having a known length repre- 
sentable by a length number comprising one or 
more digits, 

said controller and said receiver each having a 
known identifying number comprising one or 
more digits, 

the method comprising the steps of: 

performing a summing-of-the-digits operation on the 
receiver identifying number to generate a single- 
digit shift number, 

generating a shifted signal by adding the shift number
to selected numeric representations of data symbols 
within the signal; 

performing a summing-of-the-digits operation on the 
controller identifying number to generate a single- 
digit controller sum number; 

encoding the units digit of a representation of the 
present time at a specified position in the signal 
outside the specified portion; 

obtaining a single-digit index number by adding to the 
controller sum number (a) the units digit of the 
signal length number and (b) the arbitrary single 
digit number and, if the result is greater than the 
base of the numbering system in which the result is 
expressed, subtracting said base; 

generating an encrypted signal based on the shifted 
signal using an encryption table corresponding to 
said index number. 

7. A method for using a plurality of numbered en- 
cryption tables to encrypt a signal for transmission to a 
receiver, 

said receiver having a known identifying number,
said signal having a known length,

the method comprising the steps of: 

generating an index number by performing one or 
more specified generation operations using the 
identifying number and the signal length as oper- 
ands; and 

encrypting the signal in accordance with an encryp- 
tion table corresponding to said index number. 

8. A method for using a plurality of numbered en- 
cryption tables to encrypt a specified portion of a signal 
for transmission to a receiver, 

said receiver having a known identifying number, 
said signal having a known length, 

the method comprising the steps of: 

encoding an arbitrary number into the signal at a
position outside the specified portion; 

generating an index number by performing one or
more specified generation operations using the 
identifying number, the arbitrary number, and the 
signal length as operands; and 

encrypting the signal in accordance with the encryp- 
tion table corresponding to said index number. 

9. A method for using a plurality of numbered en- 
cryption tables to encrypt a specified portion of a signal 
for transmission to a controller for retransmission to a 
terminal, 

said control and said terminal each having a known 

identifying number, 
said signal having a known length, 

the method comprising the steps of: 

encoding an arbitrary number into the signal at a 
position outside the specified portion; 

generating an index number by performing one or 
more specified generation operations using the 
controller identifying number, the terminal identi- 
fying number, the arbitrary number, and the signal 
length as operands; and 

encrypting the signal in accordance with the encryp- 
tion table corresponding to said index number. 

10. An information storage device tangibly embody- 
ing a program comprising instructions adaptable for 
execution on a programmed machine, 

wherein the method of any one of claims 1-9 is per- 
formable through the execution of said instructions 
by the machine. 